What ports do I need to open to access the Crash Plan Pro Web Interface

[tbullers]

What ports need to be opened on my Linux server so that I can access the Crash Plan Pro web interface? The only documentation I can find is for port 5800.

Here's how I set up my Ubuntu 22.04 server: I disabled my UFW firewall when I installed the Crash Plan Pro container. It works great. I can access the web interface on port 5800.

I add a rule in my firewall to keep port 5800 accessible: sudo ufw allow from 192.168.1.0/24 to any port 5800

I then enable the UFW firewall, and immediately I'm blocked from accessing the web interface.

If I disable the firewall, I can then connect to the CPP Web interface with http://servername:5800

Here's the UFW status:

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       192.168.1.0/24
5800                       ALLOW       192.168.1.0/24

Here's the netstat output showing that the CPP container is listening to port 5800:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1392/sshd: /usr/sbi
tcp        0      0 0.0.0.0:50000           0.0.0.0:*               LISTEN      1278070/docker-prox
tcp        0      0 0.0.0.0:5800            0.0.0.0:*               LISTEN      1645373/docker-prox
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      1163/systemd-resolv
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1253987/cupsd
tcp        0      0 192.168.1.191:42874     192.168.1.30:445        ESTABLISHED -
tcp        0    272 192.168.1.191:22        192.168.1.174:53090     ESTABLISHED 1634871/sshd: tbull
tcp6       0      0 :::22                   :::*                    LISTEN      1392/sshd: /usr/sbi
tcp6       0      0 :::50000                :::*                    LISTEN      1278077/docker-prox
tcp6       0      0 :::3389                 :::*                    LISTEN      1361/xrdp
tcp6       0      0 :::5800                 :::*                    LISTEN      1645380/docker-prox
tcp6       0      0 ::1:3350                :::*                    LISTEN      1336/xrdp-sesman
tcp6       0      0 ::1:631                 :::*                    LISTEN      1253987/cupsd
udp        0      0 127.0.0.53:53           0.0.0.0:*                           1163/systemd-resolv
udp        0      0 192.168.1.191:68        0.0.0.0:*                           1161/systemd-networ
udp        0      0 0.0.0.0:631             0.0.0.0:*                           1253989/cups-browse
udp        0      0 0.0.0.0:50182           0.0.0.0:*                           1175/avahi-daemon:
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           1175/avahi-daemon:
udp6       0      0 :::48257                :::*                                1175/avahi-daemon:
udp6       0      0 :::5353                 :::*                                1175/avahi-daemon:

[jlesage]

What is the configuration of the container ? Which network type it is using ?

[tbullers]

I thought there might be other ports that needed to be open (have been bit by un documented ports before), but it appears that requests were being blocked by a restrictive default forwarding policy (to the container network interface) in UFW.

edit /etc/default/ufw to change DEFAULT_FORWARD_POLICY's value to "ACCEPT", reload with [sudo] ufw reload.

Solution is detailed here: https://stackoverflow.com/questions/17394241/my-firewall-is-blocking-network-connections-from-the-docker-container-to-outside

Thanks for listening. :)